0

Can anyone give me a hint if it is possible to ask Android to include (or 'trust') additional Root CA in their OS ( which will be updated during next update and pre installed on the new instances)?

At this moment each website which use SSL certificate for https which is signed by our Certificate Authority is asking for trusting this website by showing

untrusted connection warning

Of course installing certificate manually solve the problem, but this is not the case considering number of operation which user has to make in order to use the website without concerns that he is being attacked by some kind of men in the middle attack.

For the record we have pass audits made by the independent organizations.

Valery Viktorovsky
  • 6,487
  • 3
  • 39
  • 47
Mithrand1r
  • 2,313
  • 9
  • 37
  • 76
  • This question appears to be off-topic because it is not about programming. See [What topics can I ask about here](http://stackoverflow.com/help/on-topic) in the Help Center. You should review Chromium's [Root Certificate Policy](http://www.chromium.org/Home/chromium-security/root-ca-policy), and then follow up on the appropriate vendor's forum. – jww Jul 25 '14 at 05:13

1 Answers1

1

Root Certificate Policy - The Chromium Projects says:

If you are a root CA, the following contacts should be used:

...

Android: Please file a bug at http://code.google.com/p/android/issues/entry . Note that, similar to Linux, the certificates included within the Android sources may be further altered by device manufacturers or carriers, pursuant to their local programs.

Community
  • 1
  • 1
jariq
  • 11,681
  • 3
  • 33
  • 52